--- title: "How to check if Drupal user password is well hashed" date: "2022-03-16T19:42:39+00:00" summary: image: type: "article" url: "/acquia-cloud-platform/help/94101-how-check-if-drupal-user-password-well-hashed" id: "ec353cb4-350a-4658-a223-9cc4f89c828c" --- ### Issue Drupal login is not recognizing a password of a user. ### Cause One possible reason is the password could be store with a wrong hash. ### Solution To verify if the password is store with a valid hash you will need to use a module called [`drop_the_ripper`](https://www.drupal.org/project/drop_the_ripper). After the module is installed and the code is deployed, SSH in the server and create a file adding the password of the user you want to test. For example file: echo "1234567Aa" > /mnt/tmp/password.txt To test run the following command in site `docroot`: site.env@server-xxxxxx:/var/www/html/site.env/docroot$ drush dtr --uid=[user-id] --wordlist=/mnt/tmp/password.txt If the `drop_the_ripper` module do not find the password you will see a output like this: Users to check: 1 [success] Ran 5 password checks for 1 user(s) in 0.25 seconds. [success] If `drop_the_ripper` managed to find it, the output should be something like this Users to check: 1 [success] Match: uid=[id-user] name=[user-email] status=1 password=1234567Aa [success] Ran 5 password checks for 1 user(s) in 0.25 seconds. This way you could verify if the hash is valid.